Threat actors actively exploit D-Link DIR-859 router flaw

MUST READ. Threat actors actively exploit D-Link DIR-859 router flaw CVE-2024-0769.
Expert released PoC exploit code for Veeam Backup Enterprise Manager flaw CVE-2024-29849.
CISA adds D-Link DIR router flaws to its Known Exploited Vulnerabilities catalog.
Russia-linked APT28 used post-compromise tool GooseEgg to exploit CVE-2022-38028 Windows flaw.
Critical Fortinet's FortiClient EMS flaw actively exploited in the wild.
Threat actors actively exploit JetBrains TeamCity flaws to deliver malware.
PoC exploit for critical RCE flaw in Fortra FileCatalyst transfer tool released.
Threat actors exploit Ivanti VPN bugs to deploy KrustyLoader Malware.
Experts released PoC exploit for Fortra GoAnywhere MFT flaw CVE-2024-0204.
Threat actors exploit Apache ActiveMQ flaw to deliver the Godzilla Web Shell.
Threat actors breached US govt systems by exploiting Adobe ColdFusion flaw.
Threat actors started exploiting critical ownCloud flaw CVE-2023-49103.
Threat actors actively exploit F5 BIG-IP flaws CVE-2023-46747 and CVE-2023-46748.
Experts released PoC exploit code for Cisco IOS XE flaw CVE-2023-20198.
Experts released PoC exploit code for VMware Aria Operations for Logs flaw.
North Korea-linked APT groups actively exploit JetBrains TeamCity flaw.
Threat actors have been exploiting CVE-2023-4966 in Citrix NetScaler ADC/Gateway devices since August.
WS FTP flaw CVE-2023-40044 actively exploited in the wild.
UNC4841 threat actors hacked US government email servers exploiting Barracuda ESG flaw.
Researchers released PoC exploit for Ivanti Sentry flaw CVE-2023-38035.

This Cyber News was published on securityaffairs.com. Publication date: Mon, 01 Jul 2024 08:13:07 +0000

Cyber News related to Threat actors actively exploit D-Link DIR-859 router flaw

Threat actors actively exploit D-Link DIR-859 router flaw - MUST READ. Threat actors actively exploit D-Link DIR-859 router flaw CVE-2024-0769. Expert released PoC exploit code for Veeam Backup Enterprise Manager flaw CVE-2024-29849. CISA adds D-Link DIR router flaws to its Known Exploited Vulnerabilities ...
6 months ago Securityaffairs.com

CVE-2024-0717 - A vulnerability classified as critical was found in D-Link DAP-1360, DIR-300, DIR-615, DIR-615GF, DIR-615S, DIR-615T, DIR-620, DIR-620S, DIR-806A, DIR-815, DIR-815AC, DIR-815S, DIR-816, DIR-820, DIR-822, DIR-825, DIR-825AC, DIR-825ACF, DIR-825ACG1, ...
11 months ago

Operation Morpheus took down 593 Cobalt Strike servers used by threat actors - Threat actors actively exploit D-Link DIR-859 router flaw CVE-2024-0769. Experts released PoC exploit code for a critical bug in Progress Telerik Report Servers. Threat actors may have exploited a zero-day in older iPhones, Apple warns. Nation-state ...
6 months ago Securityaffairs.com

Staying ahead of threat actors in the age of AI - At the same time, it is also important for us to understand how AI can be potentially misused in the hands of threat actors. In collaboration with OpenAI, today we are publishing research on emerging threats in the age of AI, focusing on identified ...
11 months ago Microsoft.com

Check Point released hotfix for actively exploited VPN zero-day - MUST READ. Check Point released hotfix for actively exploited VPN zero-day. Microsoft Patch Tuesday security updates for May 2024 fixes 2 actively exploited zero-days. Critical Fortinet's FortiClient EMS flaw actively exploited in the wild. Apple ...
7 months ago Securityaffairs.com

Juniper Networks fixed a critical authentication bypass flaw in some of its routers - MUST READ. Threat actors actively exploit D-Link DIR-859 router flaw CVE-2024-0769. CISA adds Oracle WebLogic Server flaw to its Known Exploited Vulnerabilities catalog. Russia-linked APT28 used post-compromise tool GooseEgg to exploit CVE-2022-38028 ...
6 months ago Securityaffairs.com

New ATM Malware family emerged in the threat landscape - Threat actors may have exploited a zero-day in older iPhones, Apple warns. Microsoft fixed two zero-day bugs exploited in malware attacks. Threat actors actively exploit JetBrains TeamCity flaws to deliver malware. Raspberry Robin spotted using two ...
7 months ago Securityaffairs.com

TeamCity Intrusion Saga: APT29 Suspected Among the Attackers Exploiting CVE-2023-42793 - As part of this analysis, we look at threat actor TTPs employed throughout the intrusion and how they were identified and pieced together by the FortiGuard IR team. The following section of this report focuses on the activities of one of these threat ...
1 year ago Feeds.fortinet.com

CERT-UA warns of malware campaign conducted by threat actor UAC-0006 - Threat actors may have exploited a zero-day in older iPhones, Apple warns. Microsoft fixed two zero-day bugs exploited in malware attacks. Threat actors actively exploit JetBrains TeamCity flaws to deliver malware. Recent DarkGate campaign exploited ...
7 months ago Securityaffairs.com

New MOVEit Transfer critical bug is actively exploited - MUST READ. New MOVEit Transfer critical bug is actively exploited. CISA adds Microsoft SharePoint bug disclosed at Pwn2Own to its Known Exploited Vulnerabilities catalog. Critical Fortinet's FortiClient EMS flaw actively exploited in the wild. PoC ...
6 months ago Securityaffairs.com

Experts released PoC exploit code for RCE in Fortinet SIEM - Russia-linked APT28 used post-compromise tool GooseEgg to exploit CVE-2022-38028 Windows flaw. Crowdfense is offering a larger 30M USD exploit acquisition program. Threat actors actively exploit JetBrains TeamCity flaws to deliver malware. PoC ...
7 months ago Securityaffairs.com

Critical unauthenticated RCE flaw in OpenSSH server - MUST READ. Critical unauthenticated remote code execution flaw in OpenSSH server. Expert released PoC exploit code for Veeam Backup Enterprise Manager flaw CVE-2024-29849. CISA adds Oracle WebLogic Server flaw to its Known Exploited Vulnerabilities ...
6 months ago Securityaffairs.com

Threat actors misuse OAuth applications to automate financially driven attacks - Threat actors are misusing OAuth applications as an automation tool in financially motivated attacks. Threat actors compromise user accounts to create, modify, and grant high privileges to OAuth applications that they can misuse to hide malicious ...
1 year ago Microsoft.com

FlyingYeti targets Ukraine using WinRAR exploit to drop Malware - MUST READ. FlyingYeti targets Ukraine using WinRAR exploit to deliver COOKBOX Malware. Russia-linked APT28 used post-compromise tool GooseEgg to exploit CVE-2022-38028 Windows flaw. Microsoft fixed two zero-day bugs exploited in malware attacks. ...
7 months ago Securityaffairs.com

PoC exploit released for RCE zero-day in D-Link EXO AX4800 routers - The D-Link EXO AX4800 router is vulnerable to remote unauthenticated command execution that could lead to complete device takeovers by attackers with access to the HNAP port. The D-Link DIR-X4860 router is a high-performance Wi-Fi 6 router capable of ...
8 months ago Bleepingcomputer.com

Critical Apache Log4j2 flaw still threatens global finance - Critical Apache Log4j2 flaw still threatens global finance. CISA adds Apache Flink flaw to its Known Exploited Vulnerabilities catalog. CISA adds GitLab flaw to its Known Exploited Vulnerabilities catalog. Russia-linked APT28 used post-compromise ...
7 months ago Securityaffairs.com

Hackers Target Vulnerability Found Recently in Long-Discontinued D-Link Routers - Attackers have started to exploit a critical-severity vulnerability impacting D-Link DIR-859 WiFi routers, which were discontinued four years ago. The issue, tracked as CVE-2024-0769, is described as a path traversal flaw in the HTTP POST request ...
6 months ago Securityweek.com

Buzzing on Christmas Eve: Trigona Ransomware in 3 Hours - In late December 2022, we observed threat actors exploiting a publicly exposed Remote Desktop Protocol host, leading to data exfiltration and the deployment of Trigona ransomware. On Christmas Eve, within just three hours of gaining initial access, ...
11 months ago Thedfirreport.com

How to Overcome the Most Common Challenges with Threat Intelligence - Today's typical approach to threat intelligence isn't putting organizations in a place to do that. Instead, many threat intelligence tools are delivering too much uncurated and irrelevant information that arrives too late to act upon. Organizations ...
1 year ago Cyberdefensemagazine.com

Critical Zimbra Postjournal flaw CVE-2024-45519 actively exploited in the wild. Patch it now! - “Beginning on September 28, @Proofpoint began observing attempts to exploit CVE-2024-45519, a remote code execution vulnerability in Zimbra mail servers. Beginning on September 28, @Proofpoint began observing attempts to exploit CVE-2024-45519, ...
3 months ago Securityaffairs.com

IRGC-Affiliated Cyber Actors Exploit PLCs in Multiple Sectors, Including U.S. Water and Wastewater Systems Facilities - SUMMARY. The Federal Bureau of Investigation, Cybersecurity and Infrastructure Security Agency, National Security Agency, Environmental Protection Agency, and the Israel National Cyber Directorate-hereafter referred to as "The authoring agencies"-are ...
1 year ago Cisa.gov

What Is Threat Modeling? - Threat modeling emerges as a pivotal process in this landscape, offering a structured approach to identify, assess, and address potential security threats. Threat Modeling Adoption and Implementation The successful adoption of threat modeling within ...
1 year ago Feeds.dzone.com

What Is Cyber Threat Hunting? - Cyber threat hunting involves proactively searching for threats on an organization's network that are unknown to traditional cybersecurity solutions. A recent report from Armis found that cyber attack attempts increased by 104% in 2023, underscoring ...
11 months ago Techrepublic.com

Top 7 Cyber Threat Hunting Tools for 2024 - Cyber threat hunting is a proactive security measure taken to detect and neutralize potential threats on a network before they cause significant damage. To seek out this type of threat, security professionals use cyber threat-hunting tools. With ...
11 months ago Techrepublic.com

Latest Cyber News

CVE-2024-12477 - 19 hours ago
CVE-2024-56923 - 20 hours ago
CVE-2024-56924 - 20 hours ago
CVE-2024-56914 - 21 hours ago
CVE-2025-0611 - 21 hours ago
CVE-2025-0612 - 21 hours ago
CVE-2024-9310 - 22 hours ago
CVE-2024-11166 - 22 hours ago
CVE-2025-23047 - 23 hours ago
CVE-2024-55957 - 23 hours ago
CVE-2025-0651 - 23 hours ago
CVE-2025-24401 - 1 day ago
CVE-2025-24402 - 1 day ago
CVE-2025-24403 - 1 day ago
CVE-2025-20165 - 1 day ago
CVE-2025-23028 - 1 day ago
CVE-2025-24397 - 1 day ago
CVE-2025-24398 - 1 day ago
CVE-2025-24399 - 1 day ago
CVE-2025-24400 - 1 day ago

Cyber Trends (last 7 days)

Okta - 1 year ago
23andMe - 1 year ago
Kimsuky - 1 year ago
LogoFAIL - 1 year ago
Gh0st rat - 1 year ago

Trending Cyber News (last 7 days)

CVE-2024-22349 - 2 days ago
CVE-2024-10846 - 2 days ago
CVE-2024-45336 - 2 days ago
CVE-2024-45341 - 2 days ago
CVE-2024-45091 - 2 days ago
CVE-2024-13444 - 2 days ago
CVE-2024-57934 - 2 days ago
CVE-2024-57938 - 2 days ago
CVE-2025-0509 - 2 days ago
CVE-2025-21660 - 2 days ago
CVE-2024-49700 - 2 days ago
CVE-2024-51919 - 2 days ago
CVE-2025-22318 - 2 days ago
CVE-2025-22553 - 2 days ago
CVE-2025-22717 - 2 days ago
CVE-2025-22727 - 2 days ago
CVE-2025-22733 - 2 days ago
CVE-2025-0623 - 2 days ago
CVE-2024-54792 - 1 day ago
CVE-2025-22150 - 1 day ago